Amazon GuardDuty Partners

Accenture is a leading, global professional services company that provides an end-to-end solution to migrate to and manage operations on AWS. The Accenture AWS Business Group (AABG) combines the capabilities and services required to help accelerate your adoption of the AWS Cloud. Through the Accenture AWS Business Group, Accenture and AWS are jointly committed to help you transform organizational processes and skills, adopt a cloud-first strategy to innovate new products and services, operate securely at global scale, and quickly achieve business results. Accenture AWS Business Group provides transformational services for security in AWS, including guidance on the use and integration of Amazon GuardDuty into a broader cloud security operations strategy.

Alert Logic® Cloud Insight™ Essentials is an AWS-native security service that shows why, where and how to respond to Amazon GuardDuty findings while continuously assessing AWS configurations to find exposures and recommend actions that prevent future compromises. Customers can take action sooner with incident response support that explains GuardDuty findings, provides additional detail about which assets are impacted, recommends which actions to prioritize and provides workflow to make response more efficient. Cloud Insight Essentials can help you prevent future compromises with continuous checks for configuration mistakes in AWS account and service configurations. Alert Logic Cloud Insight Essentials can be launched immediately with minimal permissions, zero footprint in your AWS environment, and no security experience required.

Check Point CloudGuard IaaS complements native AWS controls to bring advanced, multi-layered security for protecting customer environments from even the most sophisticated threats. To keep pace with the dynamic nature of the cloud, CloudGuard for AWS consumes and leverages contextual information such as asset tags, security groups, availability zones and more to automatically update security policies in real-time. CloudGuard for AWS also now integrates with Amazon GuardDuty to collect additional threat information, such as malicious IP addresses. Dynamic security policies are then created to automatically block any activity originating from all malicious IP addresses. When Amazon GuardDuty updates the list of malicious IP addresses, CloudGuard for AWS automatically updates its security policies to reflect these changes. The integration demonstrates the value of context sharing for enhanced protection of business-critical workloads on AWS.

CrowdStrike® provides cloud-based endpoint protection that unifies next-generation antivirus, endpoint detection and response (EDR), IT hygiene, and a 24/7 managed hunting service — all delivered via a single lightweight agent. Because the CrowdStrike threat intelligence feed is seamlessly integrated with Amazon GuardDuty, customers can be confident in their security practice knowing they have CrowdStrike Falcon® providing the next layer of protection against advanced cyberattacks. Clients of Amazon GuardDuty gain the benefits of CrowdStrike's use of sophisticated signatureless artificial intelligence/machine learning and indicator of attack (IOA)-based threat prevention to stop known and unknown threats in real time.

Deloitte is one of the largest professional services firms in the world and a leader in digital transformation strategy. Through a network of more than 244,000 professionals, industry specialists, and an ecosystem of alliances, Deloitte assists clients in turning complex business issues into opportunities for growth. As an APN Premier Partner with the Security Competency, Deloitte’s Cyber Risk Services for AWS incorporate security capability areas built on our experience serving clients, industry-leading practices, and applicable regulatory requirements. The services allow an organization to assess AWS capabilities, including AWS security services such as Amazon GuardDuty, to manage risks with their control responsibilities.

By using Amazon GuardDuty as an additional data source, the Evident Security Platform (ESP) provides DevSecOps and Compliance additional assurance that their cloud environments meet the strictest security standards and fulfill compliance requirements. Amazon GuardDuty detections will enhance the ESP risk alerts with details about threats and the AWS resources involved.

The Palo Alto Networks VM-Series next generation firewall complements AWS security groups and web application firewalls by controlling your AWS traffic based on the application identity and preventing known and unknown threats within the allowed application flows. To keep pace with the speed of the cloud, VM-Series automation and management features can be used to consume external information to dynamically update security policies. The VM-Series next generation firewall integrates with Amazon GuardDuty using a Lambda function to collect threat intelligence information such as malicious IP addresses and deliver it to the firewall as an external list source. A dynamic security policy is then created to automatically block any activity emanating from the list of malicious IP addresses. When Amazon GuardDuty updates the list of IP addresses, the prevention policy is in turn automatically updated, without administrative intervention. The integration demonstrates how threat intelligence generated by Amazon GuardDuty can be used in near real time by the VM-Series to protect business-critical workloads on AWS.

Rapid7 is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Our InsightIDR product leverages attacker analytics to detect intruder activity, cutting down false positives and days’ worth of work for your security professionals. By integrating Amazon GuardDuty and InsightIDR you can hunt for actions indicative of compromised credentials, spot lateral movement across assets, detect malware, and set traps for intruders.

To further transform security through an analytics-driven approach, Splunk has developed an integration for the newly available Amazon GuardDuty. The integration streamlines ingestion of GuardDuty security findings from across regions and accounts into the Splunk platform for further analysis. By aggregating and analyzing GuardDuty findings, Splunk can provide security teams additional context for early detection, rapid investigations and remediation of potential threats. The Splunk integration, via the Splunk App for AWS, extends AWS customers' ability to use security analytics at each stage to accelerate detection, investigation, and response to potential threats in their AWS environments.